Preview Tool

Cisco Bug: CSCum52008 - Session token in URL under troubleshooting path

Last Modified

Jun 09, 2016

Products (1)

  • Cisco Identity Services Engine

Known Affected Releases

1.2(1.901) 1.3(120.129)

Description (partial)

ISE should be hardened to use Cookie or POST to pass Session Identifiers.

CSRF token ID is passed within URL admin/pages/modules/monitor/troubleshoot/
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.